Tracking Cookies

Computers are not made for IE. IE comes with Windows. You do not have to use IE, and if you do you are more prone to viruses and malware. XP Antivirus 2008, which is a nasty virus, shows up in IE but not in Firefox. Firefox automatically blocks it. Using Firefox or even Opera is a smarter choice than IE. Explain to me, Red, how using the most popular and safe browser, Firefox, can cause problems. Please tell me, I need to know. Once again, please also show me where a PC is infected with tracking cookies. Please, I want to see this. CCleaner is the most popular software out there for deleting cookies and temp files. 5,357,591 downloads from download.com cannot be wrong.

 

 http://www.download.com/CCleaner/3000-2144_4-10315544.html?tag=mncol%3blst&cdlPid=10876371

Dieselman, I know you are on here, like all the others, to help. I don't think your intentions are being questioned. But maybe your delivery may need a little bit of tweaking. You do appear very knowledgeable and we are all lucky to have you share that knowledge.

But not at the price of what at times, and I stress at times, appears, and again I stress appears, to be a little bullying.

I really like this forum and the people who help. I know my questions can be annoying and irritating, but appreciate everyone's sense of patience with me. So in this regard I ask that you continue to help us all, but please do so in a "kinder" way. Thanks

I think that my PC is infected with a persistent tracking cookie. Currently we are getting daily attacks and intrusion attempts. NAV blocks most of these but I don't think all. We scan and find tracking cookies, we fix them and the attacks stop. A little while later, and maybe a reboot also, and the attacks start again. We scan and find tracking cookies and we fix them and the attacks stop. I think that the cookie can rebuild itself and allow the attackers to find our machine again. The machine is being damaged each time and now the entire cookies folder has disappeared and I can't find it. Of course that machine is now in isolation and not used for surfing, but when it goes online the attacks begin. The same wireless modem is used on many other machines but none of them are being hit.

Hi 3000DEG,

 

As a first step, I would suggest the following:

 

1) Be sure your definitions are up to date for NAV 2008.

2) UNPLUG from the internet. (This prevents the nasties from "phoning home")

3) Restart your computer into SAFE MODE.

4) Run a Full Scan with NAV in SAFE MODE. (This should prevent any malware from loading, making it easier to remove)

5) If items are found, follow the instructions recommended by NAV.

 

Try a restart into Normal Mode and report back to us; there is more we can do if this doesn't solve the problem.

 

 

Message Edited by Phil_D on 09-24-2008 09:22 AM

The tracking cookies I get, I can almost tell exactly what websites they come from. I will delete all via scan, then go back to a particular website, then run another scan, and the same cookies come up.

I am surprised though at some of the sites that use them, such as usahockey .com. Not sure why they'd be interested in where I go.

3 Likes

NY1986 wrote:

The tracking cookies I get, I can almost tell exactly what websites they come from. I will delete all via scan, then go back to a particular website, then run another scan, and the same cookies come up.

I am surprised though at some of the sites that use them, such as usahockey .com. Not sure why they'd be interested in where I go.


 

To see how many people are visiting the Web Site is also another use of T.C.s.

That's true. I guess I always think of the worst and most negative. But then anyone reading my posts has probably figured that out :)

OK people, one more time. Cookies and/or tracking cookies cause no harm. Read the links I posted. Do a simple test. Surf the internet as you always do. Then use CCleaner and use it to clean your cookies, temp files and history. Reboot. Run a scan with NIS and you will see no cookies found. Reboot isn't necessary but I added it in. If you want to block cookies under IE, simply move the slider up in the Privacy tab. Better yet, use Firefox, which has been proven more secure than IE. Also add in the cookies plugin if you want. If you really want to be secure then simply sandbox your browser, which is what I do. I surf and download everything in sight and have still never been infected. Common sense plays a big role also.

 

https://addons.mozilla.org/en-US/firefox/search?q=cookie&cat=all

Message Edited by Dieselman743 on 09-24-2008 05:26 PM

In Internet Explorer, just open Tools>Internet Options>Browsing History>Delete

  then select all the categories you wish to delete.

 

Easy as pie, no charge, no additional software to install or worry about.

3 Likes

Or in the same area, you can View Files and select every single cookie or history item you don't want.  Phew!

Message Edited by mijcar on 09-24-2008 08:44 PM

Yes, I have tried every trick that I know to find how our attacker knows when the machine is online. Delete cookies, clear history, scan after scan removing cookies, but do you know that it just keeps coming back. Safe Mode is a good one, but after removing the tracking cookies they eventually return, and believe me the machine just does not surf for the fun of it, it is a work machine. I even thought that they were pinging the thing to test if it was online, but our ISP tells us that our IP address is reset every log on. Can the machine be discovered through undisclosed Outlook Express emails that we never even see? The attacks are usually buffer overrun intrusion attempts that NAV blocks. Now I suspect that the machine itself is telling the attackers when it is online and calling down the intrusion attempts. The strange thing is that NAV will find 6 tracking cookies but only process 5, and the next scan will discover 0. I have the names of the registry keys that have been altered by suspicious activity and some .exe files that are supposed to have been allowed to run (not by us) and are now missing. I will note them down and post them next time.

3000DEG,

 

Try downloading the FREE version of Malwarebytes. It is an on-demand scanner which will not interfere with Norton.

 

After installing Malwarebytes, update it and run a Full System Scan in Safe Mode while unplugged from the internet.

 

It would probably also be a good idea to delete your System Restore Points (if there are any left) as they may be infected.

 

Keep us posted.

Message Edited by Phil_D on 09-25-2008 09:10 AM

I think that this is a safe link to a description of the file that got into our system. My whole audio control panel is gone and the analogue devices folder is empty. http://www.prevx.com/filenames/X1136171195419908341-0/SMAX42EEXE.html . The file entered through NAV, executed itself before it could be deleted, then disappeared; all the NAV History logs changed and something is now hiding in the system. NAV doesn't detect anything other than a tracking cookie which gets removed and then comes back. I downloaded Malwarebytes and scanned but found nothing. I only have a few traces of information left which Norton noted as registry keys modified and added. I will post them next time if anyone wants to see what they are. I haven't removed any restore points yet as I am curious to find this thing. Can I make a backup copy of the restore information on a DVD?

Please confirm:

- You ran a Norton Full System Scan in Normal Mode with Updated Virus Definitions.

- You ran a Norton Full System Scan in Safe Mode with Updated Virus Definitions.

- You ran a Malwarebytes' Full Scan in Normal Mode.

- You ran a Malwarebytes' Full Scan in Safe Mode.

- Which NAV version you are using.

Red,

Since I've been doing some cleanup work, too, I'd like to know why would I want to run Full Scans in Normal Mode if I am going to run them again in Safe Mode?  We're talking about hours of extra (unnecessary) time, aren't we?


mijcar wrote:

Red,

Since I've been doing some cleanup work, too, I'd like to know why would I want to run Full Scans in Normal Mode if I am going to run them again in Safe Mode?  We're talking about hours of extra (unnecessary) time, aren't we?


 

Since Windows only starts relevant Programs, then, one of the Programs not run could be Infected.

Red wrote: "Since Windows only starts relevant Programs, then, one of the Programs not run could be Infected."


But the AV checks all programs as well as some running processes.  Are you saying that there may be processes the AV will find but not the files that launched them?

 

If that's true, then you should run the scans in the opposite order. Safe Mode scans first using both products, then the regular mode. That way, you diminish the chance of launching a viral process and doing damage before the scans find the process.

I have scanned everything in every order and yet NAV still detects nothing, even though whatever it is has corrupted my audio software. I think that it has set itself up as a legitimate process and the intrusion attempts we are getting that NAV blocks are really our computer trying to call another PC to connect and exchange data. The two most suspicious registry keys changed were the \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon and \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SoundMAXPnp. The NvCpl change may be legitimate but the other has definitely destroyed my audio software and is running something else in its place.

Hi 3000DEG,

 

You mentioned earlier that you did not remove your restore points.

 

My suggestion would be to delete all restore points as they may have become infected. Do not try to "save" them.

 

Once they are deleted try the NAV scan and then the Malwarebytes scan again (I know you have done this before) in Safe Mode while unplugged from the internet.

 

Keep us posted.

NvCplDaemon is part of your Nvidia drivers and that is a normal entry. I have that entry. And SoundMAXPnP is a process installed alongside the Analogue Devices range of audio products which have to do with your soundcard. All you need to do is Google them. Both of those entries are normal.
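
A read-only check for the two Run values discussed above, added here as an example and not posted by anyone in the thread: it lists every value under the HKLM Run key, resolves the file each one launches, and reports whether that file exists and whose Authenticode signature it carries. The regular expression used to pull the file path out of the command line is an assumption that covers plain, quoted and rundll32-style entries.

```powershell
# Added example, not from the thread: show what each HKLM Run value launches.
$runKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$watched = 'NvCplDaemon', 'SoundMAXPnp'      # value names quoted in the thread

$key = Get-Item -LiteralPath $runKey
$report = foreach ($name in $key.GetValueNames()) {
    # REG_EXPAND_SZ values are returned with environment variables expanded.
    $command = [string]$key.GetValue($name)

    # First drive-letter path ending in .exe or .dll.
    # For "rundll32.exe <dll>,<entry>" commands this selects the DLL, not rundll32.
    $path = $null
    if ($command -match '(?i)[a-z]:\\[^"<>|*?,]+?\.(exe|dll)') {
        $path = $Matches[0]
    }

    $exists = $false; $status = 'n/a'; $signer = $null; $modified = $null
    if ($path -and (Test-Path -LiteralPath $path)) {
        $exists   = $true
        $sig      = Get-AuthenticodeSignature -FilePath $path
        $status   = $sig.Status
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        $modified = (Get-Item -LiteralPath $path).LastWriteTime
    }

    [pscustomobject]@{
        Watched  = ($watched -contains $name)   # one of the two values from the thread
        Name     = $name
        Command  = $command
        File     = $path
        Exists   = $exists                      # a Run value pointing at a missing file is worth noting
        SigState = $status
        Signer   = $signer
        Modified = $modified
    }
}

# Values named in the thread first, then everything else that autostarts.
$report | Sort-Object -Property Watched -Descending | Format-List
```

A familiar value name says nothing about the file behind it; the `File`, `Signer` and `Modified` columns are what distinguish a vendor-installed entry from one that has been repointed.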